Implement Coder Secrets feature #779
Description
For every issue, if necessary refer to RFC for the latest up-to-date version
Prototype
- feat: basic implementation of secrets feature [DO NOT MERGE] coder#18775
- coder/terraform-provider-coder@cc9e59b
Prototype covers DB, API, CLI, Runtime-Injection, Build-Time Injection for user-secrets.
Early Access
Back-end
- Define database schema for user-secrets #780 - 5 (complexity) - @evgeniy-scherbina
- Define and implement API for user-secrets #781 - 10 - @evgeniy-scherbina
- Integrate user-secrets with DBCrypt #789 - 5
- Define and implement CLI for user-secrets #791 - 5
- Runtime Secrets Injection (Environment Variables) #793 - 10 - @cstyan
- Runtime Secrets Injection (Files) #794 - 5
- Build-time Secrets Injection #795 - 10 - @bcpeinhardt
- Coder Secret Requirement #796 - 5
- Create API for letting user preview which Secrets are needed/used for other Coder functionality #807 - 10
- Coder Secrets Telemetry (for Users) #808 - 5
- Make secrets available for coder_scripts #825 - 5
Total complexity - 75 days. 3.5 months for 1 engineer, 2 months for 2 engineers.
Considering some level of uncertainty, let's say 2-3 months for 2 engineers.
UI Design
Note: Time estimates are much more likely to be inaccurate for this section. We did not consult Rachel.
- Design page for interacting with user-scoped secrets #847 – 5
- Redesign workspace creation page to support adding user secrets at workspace creation time #851 – 3
Front-end
- Create frontend API functions for user secrets #843 - 1
- Formalize frontend caching strategy for ALL queries and mutations #875 – 5
- Define caching strategy for API calls for user secrets #842 - 1
- Create system for hiding incomplete frontend features from users – 3 (this is work that should be done, but not making a ticket yet because some of this might've already been done for Dynamic Parameters)
- Implement visual designs for User Secrets page #829 - 5
- Implement visual updates to Workspace Creation page to support user secrets #831 - 5
- Update batch-update functionality to let users add missing secrets when updating #846 - 5
- Workspace Details Page: Let users add missing secrets when updating manually #877 – 3
- Update all frontend functionality for user secrets to use live data #876 – 3
Total estimate: ~31 days (probably closer to 36 days if we consider the sibling issues for #846 and #877). We should be able to parallelize a lot of this work, especially if we build out features using mock data
Beta
Back-end
- Define database schema for org-secrets #799 - 5 (complexity)
- Implement group-based access for Organization Secrets #800 - 5
- Define and implement API for org-secrets #801 - 10
- Integrate org-secrets with DBCrypt #804 - 5
- Define and implement CLI for org-secrets #802 - 3
- Runtime Secrets Injection for Organization Secrets #803 - 5
- Build-time Secrets Injection for Organization Secrets #805 - 5
- Coder Secret Requirement for Organization Secrets #806 - 5
- Coder Secrets Telemetry (for Templates and Organizations) #809 - 5
- Implement Audit Logging for Coder Secrets #810 - 5
- Integrate Org Secrets with Secrets Preview #827 - 3
- Integrate Org Secrets with Coder Scripts #828 - 3
Total complexity - 59 days. 3 months for 1 engineer, 2 months for 2 engineers.
Considering some level of uncertainty, let's say 2-2.5 months for 2 engineers.
UI Design
Note: Time estimates are much more likely to be inaccurate for this section. We did not consult Rachel.
- Design page for interacting with organization-scoped secrets #852 – 3 (assuming we can reuse a lot of work from the user secrets page)
- Update design for workspace creation page to support org-scoped secrets #873 – 1
Front-end
- Create frontend API functions for organization secrets #844 - 1
- Define frontend caching for organization secret API calls #845 - 1
- UI page for CRUD operations with org-secrets #830
- Extend UI Page for Org Secrets to let org admins configure access to secrets #832
- Extend UI page for Secret Preview with org-secrets #833
Execution plans
